How to Keep Terrorists, Hackers and Other Bad Guys From Stealing Your Data

Public cloud providers offer inexpensive application hosting and data storage services. However, relying on a service provider to secure your data is risky business, so you need to take your own precautions. Here's what it takes to ensure security without breaking the bank.

By Paul Mah
Tue, July 16, 2013

CIO — The sheer volume of digital information that businesses produce and collect today offers a greater incentive than ever for hackers to break into private online communications and company files. Recent revelations that the National Security Agency (NSA) successfully used digital snooping to foil real-world terrorist operations serve as a glowing reminder of life in the digital information age.

The dramatic leak is also a somber reminder of the fragile nature of computer security. Even disregarding concerns over NSA surveillance, small businesses need to ask themselves if their IT infrastructure can withstand potential intrusion attempts from foreign governments or organizations with deep pockets and no qualms about hacking into their networks.


One way to significantly increase your security may be to reduce your company's reliance on third-party cloud providers. Given an inherent lack of oversight over external vendors, businesses have no viable means to accurately assess a particular cloud provider's security posture or competence.

Moreover, cloud services may make an appealing target for sweeping, state-sponsored hacking attempts by foreign governments. And these cloud service providers could conceivably be compelled to reveal information via a secret federal subpoena.

With this in mind, here are some strategies that your business can consider to tighten the bolts on security and reduce your risk.

Bringing IT Home: Better Security, But at What Cost?

Bringing everything in-house is the easiest way to ensure that no data can be secretly accessed. This is a relatively straightforward task for popular collaboration platforms such as Microsoft Exchange Server and SharePoint, which are available in both cloud and onsite flavors. In some instances, a hybrid deployment model that puts highly sensitive data on an onsite server, but more generic information at a cloud location, may serve you well, too.

While the initial cost of a non-cloud approach will almost always be higher than that of a cloud deployment, the maturity and available expertise in virtualization infrastructure deployment means that mid- to long-term costs should not be significantly higher. Moreover, the availability of more powerful computer hardware, not to mention cheap storage and RAM, means that even a relatively low-end server today is capable of running more virtual machines simultaneously than ever before.

Unfortunately, the proliferation of online services means that an onsite deployment may not always be possible. Security-conscious businesses may want to reevaluate if online-only services such as QuickBooks Online and FreshBooks are really necessary.


If that answer is "Yes," then you should at least ensure that all communications with the online service are always conducted over an encrypted channel such as secure sockets layer (SSL). This can be set up with the appropriate configuration at the company gateway or proxy server to prohibit non-SSL connections.
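
One way to check that such a gateway rule is actually holding, as an added example that is not part of the original article: it scans proxy access logs for requests to the online services that did not travel over SSL. It assumes Squid's native access.log field layout; the hostnames and log lines are constructed placeholders.

```python
from urllib.parse import urlsplit

# Hypothetical hostnames standing in for the online services the business uses.
PROTECTED_DOMAINS = ("accounting.example.com", "invoices.example.com")

def in_scope(host):
    """True if host is a protected domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in PROTECTED_DOMAINS)

def classify(method, target):
    """Return (host, verdict) for one proxied request."""
    # A forward proxy sees HTTPS only as 'CONNECT host:port'. Any other
    # method carrying an http:// URL was sent to the proxy unencrypted.
    if method.upper() == "CONNECT":
        host, _, port = target.rpartition(":")
        verdict = "ok" if port == "443" else "connect-non-443"
    else:
        parts = urlsplit(target)
        host = parts.hostname or ""
        verdict = "ok" if parts.scheme == "https" else "plaintext"
    return host, verdict

def audit(log_lines):
    """Yield (client_ip, host, verdict) for in-scope requests that broke policy."""
    for line in log_lines:
        fields = line.split()
        if len(fields) < 7:
            continue  # truncated or malformed line
        client, method, target = fields[2], fields[5], fields[6]
        host, verdict = classify(method, target)
        if in_scope(host) and verdict != "ok":
            yield client, host, verdict

# Constructed sample lines in Squid's native access.log layout.
SAMPLE_LOG = """\
1373932800.101 120 10.0.0.21 TCP_TUNNEL/200 5120 CONNECT accounting.example.com:443 - HIER_DIRECT/203.0.113.10 -
1373932801.202 45 10.0.0.34 TCP_MISS/200 2210 GET http://accounting.example.com/login - HIER_DIRECT/203.0.113.10 text/html
1373932802.303 30 10.0.0.34 TCP_MISS/200 880 POST http://app.invoices.example.com/api/session - HIER_DIRECT/203.0.113.20 application/json
1373932803.404 15 10.0.0.50 TCP_MISS/200 640 GET http://news.example.org/ - HIER_DIRECT/198.51.100.7 text/html
1373932804.505 60 10.0.0.21 TCP_TUNNEL/200 900 CONNECT invoices.example.com:8080 - HIER_DIRECT/203.0.113.20 -
""".splitlines()

if __name__ == "__main__":
    for client, host, verdict in audit(SAMPLE_LOG):
        print(f"{client} -> {host}: {verdict}")
```

Any line this reports after the proxy rule is in place means a client reached the service without encryption, either because the rule has a gap or because traffic is bypassing the proxy.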
